Jump to content


Photo
- - - - -

Avoid Browser Fingerprint

fingerprint fingerprinting browser

  • Please log in to reply
20 replies to this topic

#1 hugomueller

hugomueller

    Advanced Member

  • Members
  • PipPipPip
  • 119 posts

Posted 07 November 2016 - 11:00 AM

Would it be possible to integrate an anti fingerprinting device in Eddie?

I found out that cyberghost is doing that. I couldn't find a good other standalone software which avoids fingerprinting.

I tested it on this site:

https://amiunique.org/fp



#2 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2195 posts

Posted 07 November 2016 - 12:18 PM

This is a pure marketing junk.

In fact, in order to cover fingerprinting, you have to go much deeper than just browser language and user agent.

 

There are fonts which are unique per each OS, there is javascript timezone setting, web beacons, browser pings,

and so on. For a more complete solution look into the following extension:

 

https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/

 

 

Technically it would be a bad idea to implement something like this in a VPN client. This leads to bloatware and

potential incompatibility with future browser versions, so it has to be installed and configured by each user individually.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#3 air_is_nice

air_is_nice

    Advanced Member

  • Members
  • PipPipPip
  • 42 posts

Posted 07 November 2016 - 01:01 PM

zhang888, I've been looking for something like that, but for Chrome. I'm aware of the UA switching that umatrix provides, but I'd like a more complete solution. Do you know of an extension like that one but for chrome? 



#4 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2195 posts

Posted 07 November 2016 - 02:55 PM

No, it's unlikely to happen in Chrome, extensions are more limited in it's API compared to Firefox.

Ublock and some user agent addons are still enough for most users.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#5 CultureVulture

CultureVulture

    Advanced Member

  • Members
  • PipPipPip
  • 144 posts

Posted 07 November 2016 - 08:15 PM

Zhang888, would Random Agent spoofer and UBlock Origin work well together for this purpose? Should it be one or the other? Sorry, I don't understand how they work, so would like to have an idea how to avoid browser fingerprinting without completely cluttering up Firefox with a ton of unnecessary add ons. I should say, I also use NoScript, though not sure if that's relevant in this context.
Thanks.

#6 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2195 posts

Posted 07 November 2016 - 11:35 PM

Yes, they are totally inter-compatible and work on slightly different levels.

Random-Agent-Spoofer is mainly manipulating HTTP requests and responses while uBlock Origin and similar

ad blockers are parsing the content itself and apply filters on network and HTML/JS parts of the browser.

 

They are working safely and even recommended to be used together for better privacy.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#7 serenacat

serenacat

    Advanced Member

  • Members
  • PipPipPip
  • 221 posts

Posted 08 November 2016 - 02:02 AM

Using https://panopticlick.eff.org for feedback is interesting.

 

With FF 49.0.2 on W7 with addons disabled:

"Your browser fingerprint appears to be unique among the 180,968 tested so far."

 

With FF 49.0.2 on W7 with addons NoScript, uBlock Origin, Image Block enabled (and some others)

"only one in 2479.9 browsers have the same fingerprint as yours."

 

With Google Chrome 54.0.2840.87 m on W7 with just Readability and SpeakIt addons

"appears to be unique among the 181,048 tested so far."

 

I expect to add Random Agent Spoofer to my workaday FF after seeing a bit more feedback (possible strange incompatibilities etc).

The fine grain configuration  and amount of effort of the author, and record with other addons is positive, as well as recommendation here.



#8 Nissemus

Nissemus

    Advanced Member

  • Members
  • PipPipPip
  • 115 posts

Posted 15 November 2016 - 12:08 AM

I read a story recently that said many agent spoofers make it *easier* to identify particular users, because a lot of the random fingerprints they generate are either very unlikely or completely impossible in the real world.



#9 go558a83nk

go558a83nk

    Advanced Member

  • Members
  • PipPipPip
  • 1466 posts

Posted 15 November 2016 - 01:50 PM

I read a story recently that said many agent spoofers make it *easier* to identify particular users, because a lot of the random fingerprints they generate are either very unlikely or completely impossible in the real world.

 

but the point is that it changes often.  it may be unique but if it changes upon the next visit to that site doesn't that do the job?



#10 jean claud

jean claud

    Advanced Member

  • Members
  • PipPipPip
  • 151 posts

Posted 03 February 2017 - 05:02 PM

The most recent update of Pale Moon, a Firefox spin-off, introduces a native option in the browser that should make it a lot harder for others to use Canvas to fingerprint the browser.

Dunno what it really  worth

Disable Javascript seems to be the only thing to avoid it



#11 giganerd

giganerd

    I shall have no title

  • Members
  • PipPipPip
  • 2445 posts
  • LocationGermany

Posted 03 February 2017 - 08:51 PM

The most recent update of Pale Moon, a Firefox spin-off, introduces a native option in the browser that should make it a lot harder for others to use Canvas to fingerprint the browser.

Dunno what it really  worth

Disable Javascript seems to be the only thing to avoid it

 

https://panopticlick.eff.org :)


Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs is the proper way to heaven.
Same issues are rare! Search for solutions and if not successful open your own threads.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

 


#12 jean claud

jean claud

    Advanced Member

  • Members
  • PipPipPip
  • 151 posts

Posted 04 February 2017 - 08:47 AM

I know this site (panopticlick)  , it makes me crying everytime I visit it , so know I prefer to visit Toscana :o)

Fingerprint gives the infos below :

  • the encrypted IP address,
  • name of the operating system,
  • screen resolution,
  • time zone settings,
  • fonts installed on your computer,
  • the string with information about the browser (i.e. the User Agent String),
  • the time and date of the test,
  • plugins installed on your browser,
  • list of accepted MIME types,
  • the navigator object hashed, values of navigator.doNotTrack and navigator.buildID,
  • and the generated identifier.

 

When you disable JS a lot of these infos aren't collected , the firefox or Chrome extensions are very weak weapons against fingerprinting , alas for the moment it seems  impossible to avoid it  :



#13 pr1v

pr1v

    Advanced Member

  • Members
  • PipPipPip
  • 239 posts

Posted 04 February 2017 - 01:24 PM

As it was said before in this forum: use Tor Browser without Tor and you will get the perfect browser to avoid fingerprinting. If you want to use Tor enable it.

#14 giganerd

giganerd

    I shall have no title

  • Members
  • PipPipPip
  • 2445 posts
  • LocationGermany

Posted 04 February 2017 - 05:19 PM

When you disable JS a lot of these infos aren't collected , the firefox or Chrome extensions are very weak weapons against fingerprinting , alas for the moment it seems  impossible to avoid it  :

 

May I suggest a tradeoff? NoScript.


Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs is the proper way to heaven.
Same issues are rare! Search for solutions and if not successful open your own threads.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

 


#15 jean claud

jean claud

    Advanced Member

  • Members
  • PipPipPip
  • 151 posts

Posted 05 February 2017 - 09:23 AM

Excellent extension , suggestion accepted :yes:

Using Tor browser without Tor is excellent too !



#16 feyl

feyl

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 05 February 2017 - 08:00 PM

if youre looking for something similar on chrome i suggest script safe, its a good anti-fingerprinting tool

 

https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en



#17 jean claud

jean claud

    Advanced Member

  • Members
  • PipPipPip
  • 151 posts

Posted 11 February 2017 - 01:06 PM

I confirm "script safe" is the best extension available , no fingerprinting detected by panopticlick or browserleaks, too bad it doesn't exist for Firefox

#18 SDBF

SDBF

    Advanced Member

  • Members
  • PipPipPip
  • 32 posts

Posted 12 February 2017 - 09:34 PM

https://addons.mozilla.org/en-US/firefox/addon/canvas-fingerprint-blocker/?src=api

 

https://notabug.org/desktopd/no-resource-uri-leak



#19 go558a83nk

go558a83nk

    Advanced Member

  • Members
  • PipPipPip
  • 1466 posts

Posted 12 February 2017 - 09:40 PM

https://addons.mozilla.org/en-US/firefox/addon/canvas-fingerprint-blocker/?src=api

 

https://notabug.org/desktopd/no-resource-uri-leak

 

https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/  this seems to get much better reviews than the one you posted.



#20 serenacat

serenacat

    Advanced Member

  • Members
  • PipPipPip
  • 221 posts

Posted 14 February 2017 - 06:51 AM

More creatures evolving in cyberspace:

https://arstechnica.com/security/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers







Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 14323 - BW: 38986 Mbit/sYour IP: 54.92.173.9Guest Access.